Yandex.Browser automatically collects data about unwanted software on your OS and suggests you delete it in the case that it is discovered. Statistics gathering helps your browser discover if you have unwanted software in your system. This statistics gathering does not infringe on your data confidentiality.

Attention.Yandex.Browser prevents certain widespread internet-based threats, but is not a comprehensive antivirus program. However, Protect technology protects against computer threats that antivirus programs do not block. We recommend using both for full protection.

Modified system-launch parameters (StartPage)

This type of unwanted software adds an address for an advertised site that imitates a popular internet service to the system registry. The address is added to the key where legal software is registered for auto-launch.

As a result, every time you relaunch your computer, your default browser will open the advertised site.

Example entry

Driver-filter that displays unwanted content (Fake NetFilter)

This type of unwanted software comes in the form of a driver-filter. It intercepts internet traffic to display intrusive and shocking ads in the browser, open ad tabs, send users to unwanted sites, and steal their personal data.

This type of software works regardless of what browser you're using and even when the browser is closed.

Infected DNS

This type of unwanted software changes your system DNS settings.

Every time when the user opens a web page, the browser sends a request with the specified domain to the special DNS server and the DNS server sends the corresponding IP address in an answer.

Unwanted software changes the IP address of the standard DNS server. As a result, all queries will be sent to a different server, which will redirect users to malicious, phishing, or advertising sites.

Example entry

Infected Hosts

The hosts system file located in the C:\Windows\System32\drivers\etc folder contains a list of website domain addresses and their corresponding IP addresses. Malicious programs can write fake addresses to the hosts file, block access to popular sites, redirect users to phishing pages, or disable browsers' security functions.

Example entry

Unwanted browser extensions

This type of unwanted software installs malicious extensions that open advertising tabs in the browser, display intrusive or shocking ads, or steal user's personal data without the user's knowledge.

Antiviruses are not very good at recognizing malicious extensions. This is because all extensions operate within a browser and do not affect the computer’s operating system.

Unwanted software that modifies traffic (PBot)

This type of unwanted software launches every time an infected computer is turned on and tracks apps that the user launches. When the user opens one of the browsers, the malicious software will imbed its code in the browser process in order to redirect the user to an advertising or phishing page, change their default search settings, and steal the user's personal data.

Browser shortcut modification (Infected LNK)

This type of unwanted software changes the browser launch shortcut by adding additional parameters (usually a site address) or launch another app instead of the browser. As a result, the browser will open the ad page every time you launch it.